Sonatype is excited to announce the release of DepShield, an app powered
by OSS Index to identify and remediate vulnerabilities in GitHub projects. Install on your public or private Maven
Java repositories to get actionable OSS Index data directly inside your GitHub project.

Sonatype OSS Index

OSS Index is a free service used by developers to identify open source dependencies and determine if
there are any known, publicly disclosed, vulnerabilities.

OSS Index is based on vulnerability data derived from public sources
and does not include human curated intelligence nor expert remediation
guidance.

Software development teams with requirements for fully automated open source governance powered by precise,
curated, and actionable intelligence should investigate the
Nexus Platform.

Automate open source governance across your entire development lifecycle at scale with precise, human curated,
actionable intelligence.
The Nexus Platform from Sonatype enables you to release faster while controlling open source risk.